Skip to content

Commit

Permalink
feat(chore): included githubactions in the dependabot config
Browse files Browse the repository at this point in the history 
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot

GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>

Co-authored-by: Marco 'Lubber' Wienkoop <c64@lubber.de>
  • Loading branch information
@naveensrinivasan @lubber-de
naveensrinivasan and lubber-de committed Apr 29, 2022
1 parent 4f4f204 commit 99d0728
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions .github/dependabot.yml
View file
Expand Up @@ -15,3 +15,13 @@ updates:
- dependency-name: gulp-replace
versions:
- 1.1.0
- package-ecosystem: github-actions
directory: "/"
schedule:
interval: daily
time: "06:00"
open-pull-requests-limit: 99
target-branch: develop
labels:
- type/dependencies
- state/awaiting-reviews

0 comments on commit 99d0728

Please sign in to comment.